
What Is Claimed Is: 

1. A method for managing encryption within a database system that is managed by a security administrator, wherein encryption is performed automatically and transparently to a user of the database system, wherein users of the database system are managed by a user administrator, the method comprising:
    receiving a request to store data in a column of the database system, wherein the column is designated as an encrypted column;
    in response to receiving the request, automatically encrypting data using an encryption function, wherein the encryption function uses a key stored in a keyfile managed by the security administrator; and
    storing data in the database system using a storage function of the database system.

2. The method of claim 1, further comprising:
    receiving a request to retrieve data from the encrypted column of the database system;
    if the request to retrieve data is received from the database administrator, preventing the database administrator from decrypting encrypted data;
    if the request to retrieve data is received from the security administrator, preventing the security administrator from decrypting encrypted data; and
    if the request to retrieve data is from an authorized user of the database system, allowing the authorized user to decrypt encrypted data.






3. The method of claim 1, wherein the security administrator selects one of data encryption standard (DES) and triple DES as a mode of encryption for the column.
4. The method of claim 1, wherein the security administrator, the database administrator, and the user administrator are distinct roles, and wherein a person selected for one of these roles is not allowed to be selected for another of these roles.

5. The method of claim 1, wherein managing the keyfile includes, but is not limited to:
    creating the keyfile;
    establishing a plurality of keys to be stored in the keyfile;
    establishing a relationship between a key identifier and the key stored in the keyfile;
    storing the keyfile in one of
        an encrypted file in the database system, and
        a location separate from the database system; and
    moving an obfuscated copy of the keyfile to a volatile memory within a server associated with the database system.

6. The method of claim 1, wherein upon receiving a request from the security administrator specifying the column to be encrypted, if the column currently contains data, the method further comprises:
    decrypting the column using an old key if the column was previously encrypted; and
    encrypting the column using a new key.
7. The method of claim 5, wherein the key identifier associated with the encrypted column is stored as metadata associated with a table containing the encrypted column within the database system.

8. The method of claim 5, further comprising establishing encryption parameters for the encrypted column, wherein the encryption parameters include encryption mode, key length, and integrity type, by:
    entering encryption parameters for the encrypted column manually; and
    recovering encryption parameters for the encrypted column from a profile table in the database system.
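The method claims above (encrypt-on-store with a key drawn from an administrator-managed keyfile, withholding decryption from the database and security administrators, one person per administrative role, the key identifier and encryption parameters kept as table metadata, and re-keying a populated column) are restated below as a storage-medium claim and an apparatus claim, so one worked example covers all three sets. The following Python is an added illustration written for this page; it is not Oracle's code and not the implementation the application describes. Every name in it (Keyfile, Database, the role strings, the "hmac-ctr" mode label, the key identifiers) is hypothetical. In place of the DES/triple DES modes named in claim 3 it uses a counter-mode keystream derived with HMAC-SHA256 plus an HMAC tag, which keeps the example dependency-free; a production system would use an authenticated cipher such as AES-GCM.

```python
"""Transparent column encryption with an admin-managed keyfile (illustrative)."""
import hashlib
import hmac
import os
from dataclasses import dataclass, field

# Hypothetical role names; the claims only require that the three administrator
# roles exist and be held by different people.
SECURITY_ADMIN, DBA, USER_ADMIN, USER = "security_admin", "dba", "user_admin", "user"

NONCE_LEN, TAG_LEN = 16, 32


def _subkey(key: bytes, label: bytes) -> bytes:
    # Separate confidentiality and integrity keys derived from one keyfile entry.
    return hmac.new(key, label, hashlib.sha256).digest()


def _keystream(enc_key: bytes, nonce: bytes, length: int) -> bytes:
    # Counter-mode keystream from HMAC-SHA256: a stand-in for a block cipher,
    # not the DES/3DES modes named in the claims and not for production use.
    blocks, counter = [], 0
    while sum(len(b) for b in blocks) < length:
        blocks.append(hmac.new(enc_key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest())
        counter += 1
    return b"".join(blocks)[:length]


def encrypt(key: bytes, plaintext: bytes) -> bytes:
    """Returns nonce || ciphertext || HMAC tag (the tag is the 'integrity type')."""
    nonce = os.urandom(NONCE_LEN)
    stream = _keystream(_subkey(key, b"enc"), nonce, len(plaintext))
    body = bytes(p ^ k for p, k in zip(plaintext, stream))
    tag = hmac.new(_subkey(key, b"mac"), nonce + body, hashlib.sha256).digest()
    return nonce + body + tag


def decrypt(key: bytes, blob: bytes) -> bytes:
    nonce, body, tag = blob[:NONCE_LEN], blob[NONCE_LEN:-TAG_LEN], blob[-TAG_LEN:]
    expected = hmac.new(_subkey(key, b"mac"), nonce + body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("integrity check failed")
    stream = _keystream(_subkey(key, b"enc"), nonce, len(body))
    return bytes(c ^ k for c, k in zip(body, stream))


@dataclass
class Keyfile:
    """Key identifier -> key material; only the security administrator manages it."""
    keys: dict = field(default_factory=dict)

    def create_key(self, key_id: str, key_length: int = 32) -> None:
        self.keys[key_id] = os.urandom(key_length)


@dataclass
class Database:
    keyfile: Keyfile
    roles: dict = field(default_factory=dict)        # person -> single role
    column_meta: dict = field(default_factory=dict)  # column -> key id + encryption parameters
    rows: dict = field(default_factory=dict)         # column -> stored values (ciphertext if encrypted)

    def assign_role(self, person: str, role: str) -> None:
        # One person, one role: the separation-of-duties rule of claim 4.
        if self.roles.get(person, role) != role:
            raise PermissionError(f"{person} already holds role {self.roles[person]}")
        self.roles[person] = role

    def designate_encrypted(self, admin: str, column: str, key_id: str,
                            mode: str = "hmac-ctr", integrity: str = "hmac-sha256") -> None:
        """Security administrator marks a column encrypted, or re-keys it (claim 6)."""
        if self.roles.get(admin) != SECURITY_ADMIN:
            raise PermissionError("only the security administrator designates encrypted columns")
        if key_id not in self.keyfile.keys:
            self.keyfile.create_key(key_id)
        values = self.rows.get(column, [])
        old = self.column_meta.get(column)
        if old is not None:  # column already encrypted: decrypt with the old key first
            values = [decrypt(self.keyfile.keys[old["key_id"]], v) for v in values]
        new_key = self.keyfile.keys[key_id]
        self.rows[column] = [encrypt(new_key, v) for v in values]
        # Key identifier and parameters live in table metadata, not beside the data (claims 7, 8).
        self.column_meta[column] = {"key_id": key_id, "mode": mode,
                                    "key_length": len(new_key) * 8, "integrity": integrity}

    def store(self, column: str, value: bytes) -> None:
        meta = self.column_meta.get(column)
        if meta is not None:  # transparent to the caller, who never handles the key
            value = encrypt(self.keyfile.keys[meta["key_id"]], value)
        self.rows.setdefault(column, []).append(value)

    def retrieve(self, person: str, column: str) -> list:
        values = list(self.rows.get(column, []))
        meta = self.column_meta.get(column)
        if meta is None:
            return values
        role = self.roles.get(person)
        if role in (DBA, SECURITY_ADMIN):
            return values  # administrators get ciphertext only; decryption is withheld (claim 2)
        if role != USER:
            raise PermissionError(f"{person} is not an authorized user")
        return [decrypt(self.keyfile.keys[meta["key_id"]], v) for v in values]
```

The point worth noticing is the split of trust: the security administrator creates keys and decides which columns use them but cannot read plaintext through retrieve, the database administrator sees only ciphertext, and the application user never touches a key. Re-keying goes through designate_encrypted with a new key identifier, which decrypts under the old key and re-encrypts under the new one before the metadata is switched.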




9. A computer-readable storage medium storing instructions that when executed by a computer cause the computer to perform a method for managing encryption within a database system that is managed by a security administrator, wherein encryption is performed automatically and transparently to a user of the database system, wherein users of the database system are managed by a user administrator, the method comprising:
    receiving a request to store data in a column of the database system, wherein the column is designated as an encrypted column;
    in response to receiving the request, automatically encrypting data using an encryption function, wherein the encryption function uses a key stored in a keyfile managed by the security administrator; and
    storing data in the database system using a storage function of the database system.






10. The computer-readable storage medium of claim 9, wherein the method further comprises:
    receiving a request to retrieve data from the encrypted column of the database system;
    if the request to retrieve data is received from the database administrator, preventing the database administrator from decrypting encrypted data;
    if the request to retrieve data is received from the security administrator, preventing the security administrator from decrypting encrypted data; and
    if the request to retrieve data is from an authorized user of the database system, allowing the authorized user to decrypt encrypted data.



11. The computer-readable storage medium of claim 9, wherein the security administrator selects one of data encryption standard (DES) and triple DES as a mode of encryption for the column.

12. The computer-readable storage medium of claim 9, wherein the security administrator, the database administrator, and the user administrator are distinct roles, and wherein a person selected for one of these roles is not allowed to be selected for another of these roles.



13. The computer-readable storage medium of claim 9, wherein managing the keyfile includes, but is not limited to:
    creating the keyfile;
    establishing a plurality of keys to be stored in the keyfile;
    establishing a relationship between a key identifier and the key stored in the keyfile;
    storing the keyfile in one of
        an encrypted file in the database system, and
        a location separate from the database system; and
    moving an obfuscated copy of the keyfile to a volatile memory within a server associated with the database system.

14. The computer-readable storage medium of claim 9, wherein upon receiving a request from the security administrator specifying the column to be encrypted, if the column currently contains data, the method further comprises:
    decrypting the column using an old key if the column was previously encrypted; and
    encrypting the column using a new key.





15. The computer-readable storage medium of claim 13, wherein the key identifier associated with the encrypted column is stored as metadata associated with a table containing the encrypted column within the database system.

16. The computer-readable storage medium of claim 13, wherein the method further comprises establishing encryption parameters for the encrypted column, wherein the encryption parameters include encryption mode, key length, and integrity type, by:
    entering encryption parameters for the encrypted column manually; and
    recovering encryption parameters for the encrypted column from a profile table in the database system.


17. An apparatus that facilitates managing encryption within a database system that is managed by a security administrator, wherein encryption is performed automatically and transparently to a user of the database system, wherein users of the database system are managed by a user administrator, comprising:
    a receiving mechanism that is configured to receive a request to store data in a column of the database system, wherein the column is designated as an encrypted column;
    an encrypting mechanism that is configured to encrypt data using an encryption function, wherein the encryption function uses a key stored in a keyfile managed by the security administrator; and
    a storing mechanism that is configured to store data in the database system using a storage function of the database system.

Attorney Docket No. OR00-03802 Inventor: Wessman






18. The apparatus of claim 17, further comprising:
    wherein the receiving mechanism is further configured to receive a request to retrieve data from the encrypted column of the database system; and
    an access mechanism that is configured to prevent the database administrator and the security administrator from decrypting encrypted data, wherein the access mechanism is configured to allow an authorized user of the database system to decrypt encrypted data.

19. The apparatus of claim 17, further comprising a selection mechanism that is configured to select one of data encryption standard (DES) and triple DES as a mode of encryption for the column.



20. The apparatus of claim 17, wherein the security administrator, the database administrator, and the user administrator are distinct roles, and wherein a person selected for one of these roles is not allowed to be selected for another of these roles.
21. The apparatus of claim 17, further comprising:
    a creating mechanism that is configured to create the keyfile;
    an establishing mechanism that is configured to establish a plurality of keys to be stored in the keyfile, wherein the establishing mechanism is further configured to establish a relationship between a key identifier and the key stored in the keyfile;
    a storing mechanism that is configured to store the keyfile in one of
        an encrypted file in the database system, and
        a location separate from the database system; and
    a moving mechanism that is configured to move an obfuscated copy of the keyfile to a volatile memory within a server associated with the database system.



22. The apparatus of claim 17, further comprising:
    a decrypting mechanism that is configured to decrypt the column using a previous key if the column was previously encrypted; and
    wherein the encrypting mechanism is further configured to encrypt the column using a new key.




23. The apparatus of claim 21, wherein the key identifier associated with the encrypted column is stored as metadata associated with a table containing the encrypted column within the database system.

24. The apparatus of claim 21, wherein the establishing mechanism is further configured to establish encryption parameters for the encrypted column, wherein the encryption parameters include encryption mode, key length, and integrity type, and wherein the establishing mechanism includes:
    an entering mechanism that is configured to enter encryption parameters for the encrypted column manually; and
    a recovering mechanism that is configured to recover encryption parameters for the encrypted column from a profile table in the database system.